CYBER SECURITY NEWS – WEEK OF MAY 20, 2024

WebTPA data breach impacts 2.4 million insurance policyholders

The WebTPA data breach, disclosed earlier this month, has impacted approximately 2.4 million insurance policyholders in the United States.
The breach occurred, when an unauthorized actor accessed WebTPA’s network. The affected individuals are customers of large insurance companies such as The Hartford, Transamerica, and Gerber Life Insurance.
WebTPA, a subsidiary of GuideWell Mutual Holding Corporation and a third-party administrator, provides customized administrative services to health plans and insurance companies.
The exposed data includes full names, contact information, dates of birth, and Social Security numbers. However, financial account information, credit card numbers, medical treatment, and diagnostic information were not compromised.
WebTPA informed benefit plan providers and insurance companies of the breach and sent notifications to affected individuals.

Banco Santander, a major global bank, has suffered a data breach impacting customers in Spain, Chile, and Uruguay, as well as current and former employees.
The breach occurred after an unauthorized actor accessed a database hosted by one of Santander’s third-party service providers.
While the bank has not disclosed the specific types of data exposed, it has assured customers that transaction information and online banking credentials were not affected.
Santander has taken immediate action to contain the incident, block the compromised access, and implement additional fraud prevention controls to protect affected customers

Japanese automaker, Nissan, experienced a significant cyberattack affecting 53,000 employees in North America.
The breach, which occurred in November of the previous year, exposed Social Security numbers of both current and former employees.
Following the breach, Nissan engaged in a thorough investigation, notified law enforcement, and implemented measures to contain and neutralize the threat.
Despite the breach, Nissan has not detected any instances of fraud or identity theft resulting from the incident.

The MediSecure data breach is a significant cybersecurity incident that has impacted the personal and health information of individuals in Australia.
The breach was confirmed by the Australian National Cyber Security Coordinator and is believed to have originated from a third-party vendor.
The company has acknowledged the incident and stated that it has taken immediate steps to mitigate any potential impact on its systems.
While the full extent of the breach is still being investigated, early indicators suggest that the
incident originated from one of MediSecure’s third-party vendors.

The City of Helsinki is investigating a massive data breach on its education division, which was discovered in late April 2024.
The breach impacted tens of thousands of students, guardians, and personnel. An unauthorized actor exploited a vulnerability in a remote access server to gain access to a network drive containing tens of millions of files.
Although most files lacked personally identifiable information (PII), some included usernames, email addresses, personal IDs, physical addresses, and highly sensitive information such as fees, childhood education and care details, children’s status, welfare requests, medical certificates, and more.
The city’s authorities have notified the Data Protection Ombudsman, the Police, and Traficom’s National Cyber Security Centre, and are working to determine the extent of the breach.